<<< Date Index >>>     <<< Thread Index >>>

Re: OT: offending sig + headers



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday, May 17 at 06:30 PM, quoth Derek Martin:
> And the comment in my sig is anything but glib.

Oh come now. Given that "glib" means "insincere" (and shallow), and 
that I really doubt you expect anyone to give the spammers a heartfelt 
thanks, I think "Thank the spammers" is pretty close to the very 
definition of glib. "Thank you SO much, Mr. Spammer, sir. I sincerely 
appreciate any and all inconvenience you've caused Mr. Martin and any  
well-meaning list members interested in contacting him privately." Yes 
that's sarcasm, but I'm proving a point here: surely you don't 
actually intend people to actually thank the spammers. I'm not 
questioning the intent behind the rest of your signature, but "thank 
the spammers"? Come on.

I have no doubt that spam and spammers are the reason for your policy.  
And saying something like "The spammers have forced my hand." or "I 
look forward to a spam-free world." or something similar gets the same 
idea across without the flip attitude.

(Not, I wish to point out, that I am personally offended by it; but I 
can see that some might.)

>> And one of these is supposed to be less irritating than the other? 
>
> The difference is that one is potentially irritating to people *I care 
> about receiving mail from*, and the other absolutely is not.  I'll let 
> you guess which is which...  ;-)

Mmm, I guess it all rests on the specific definition of "people I care 
about receiving mail from", and in your case, it requires that people 
find a way to contact you in non-private-email (or non-email) form 
first, to request the secret address. In both the challenge case and 
the secret-email-address case, the onus is on the sender to take the 
extra steps to make sure their email reaches you. You can be proactive 
and make sure that the people you wish to contact have your email 
address, but you can also be proactive and make sure that the people 
you wish to contact are in your whitelist.

Frankly, I don't see much difference between your current method, and 
maintaining a simple whitelist where anyone whose email address isn't 
in your whitelist cannot contact you (let's say, email from senders 
not in the whitelist get rejected). In fact, if you were to use a 
whitelist, that would even allow you to revoke permission to send to 
you.

> I've also already stated that I maintain a public address that gets 
> heavily filtered.

Given how you've criticized such filtering as potentially losing mail, 
I don't see that this is a valid way to address the problem of "people 
on mailing-list X wish to contact you". Following the logic of your 
other arguments, in this case, their mail may get lost and they'll 
never know (I'm presuming that since you've said you hate spending 
time reviewing spam decisions, you aren't doing that for this public 
address). And, if this address is your solution to the problem of 
people you don't know contacting you, why don't you put that address 
in your sig?

Since you don't, it seems like a more accurate statement to put in 
your sig is:

     The sending address of this email is invalid. If I wish to talk to 
     you privately, I will contact you first. Otherwise, please leave 
     me alone.

> If I expected mail from you, it wouldn't get lost.  A variety of 
> other solutions also exist: web page with the address as an image,

This is roughly the same as a temporary URL; requires work, and is 
vulnerable to spammers just the same (all you're doing is relying that 
spammer OCR technology isn't very good, which may be true for the 
moment, but they'd quickly get better if everyone used this 
technique).

> IM,

Posting your IM screen name so that you can send each other your 
respective email addresses is roughly the same as posting your phone 
number to mailing list for the same purpose. (Are the IM anti-spam 
techniques that much better than are possible with email? Of course 
not.)

> irc private message,

Which is equivalent to IM, only it requires a slightly older and less 
popular communication protocol.

> etc.  A small amount of thought produces a large number of 
> solutions...

And my point is that they boil down to either providing some permanent 
email-alternative (which can then be potentially exploited by spammers 
of some variety) or a temporary mechanism (url, email, what-have-you) 
which requires significantly more effort. It's not that my imagination 
is limited here, it's that these methods fit into two basic 
categories, and thus listing several is beside the point.

~Kyle
- -- 
A man cannot be held responsible for what his mind does while he's 
asleep.
                                                     -- Jean Luc Picard
-----BEGIN PGP SIGNATURE-----
Comment: Thank you for using encryption!

iD8DBQFGTUmCBkIOoMqOI14RAh/dAJsHjZL8UJbW/YDGOPSN79utWQ7/fgCg5RtG
ON7J6C/EBvzmEkND8dSBns0=
=xec2
-----END PGP SIGNATURE-----